module.exports = function(app){

app.get('/login', function(req, res) {
    	res.render('login.ejs');
});

app.post('/login', function(req, res) {
	AV.User.logIn(req.param('username'), req.param('password'), {
		success: function(user) {
			var usertype = user.get("usertype");
			if(usertype=="-1" || usertype=="1"){
				res.redirect('/app/index');
			}else{
				AV.User.logOut();
				res.render('error', { message: "当前用户无权限" });
			}

		},
		error: function(user, error) {
			var errorMsg = "";
			if(error.code == 211){
				errorMsg = "用户不存在！";
			}
			if(error.code == 210){
				errorMsg = "密码错误！";
			}
			res.render('error', { message: errorMsg });
			console.log('signin false: %j', error.code +" : "+ error.message);		  
		}
	});
});

app.get('/logout', function(req, res) {
	AV.User.logOut();
    	res.redirect('/login');
});

};
